Pinned
Every other exchange charges you $1+ to move between stablecoins. Why?
Manifest
813 posts
Manifest
@ManifestTrade
- Replying to @ManifestTradeThis is what institutional-grade DeFi infrastructure looks like. Not just smart contracts — defense in redundancy. Separate keys, separate servers, separate security boundaries. One compromise doesn’t mean game over.
- Replying to @ManifestTradeDestiny and Fate have been audited by @accretion_xyz 24 findings, 0 critical, 0 high. 21 of 24 fixed. The 3 acknowledged items are deliberate design trade-offs. Full report: manifest.trade/destiny-audit.…
- Replying to @ManifestTradeFate is live on the upPYUSD Destiny vault, built in collaboration with @PayPal and @SentoraHQ. Currently yielding 10.5% APY through programmatic market-making on the Manifest order book.
- Replying to @ManifestTradeKey design decision from the audit: Fate rejects CPI calls — it can only be invoked as a top-level instruction. This prevents a malicious program from assembling both signatures through a forwarding attack.
- Replying to @ManifestTradeThe co-signing server runs on separately managed infrastructure with tighter security controls than the primary trading server. If the hot wallet is compromised, the co-signer stops approving and trading halts immediately.
- Replying to @ManifestTradeCase in point: GoonFi lost >$250K in March when their propAMM traded on a wrong price. Fate’s co-signer runs multiple plausibility checks on every price update to prevent exactly this — whether the cause is a bug, stale data, or a compromised key.Goonfi v2's WSOL/USDC pool is drained for about 250k likely due to a misconfig/bug in the program an hour ago. The program is now halted. solscan.io/tx/5A1YuYHff5R…
- Replying to @ManifestTradeFate solves this by assigning the trader role to a PDA it controls. Both your primary trading server (signer A) and a separate co-signing server (signer B) must agree on every instruction. 2-of-2, but automated — zero human latency. But the co-signer doesn’t just blindly
- Replying to @ManifestTradeThe problem: if your trading server gets compromised, the attacker has a key that can trade on your behalf. Traditional multisigs are too slow for HFT — you can’t have humans approve every order placement. Even if you have withdraw gated, an intentional fat finger can create a
- Replying to @ManifestTradeDestiny vaults enable passively liquidity provisioning on Manifest and have two permissioned roles: Owner (admin — config, asset listing, role changes) and Trader (limited strictly to trading). The trader key is the one that’s hot, signing every order, every re-balance, 24/7.
- Fate is now live, a co-signer for @manifest_trade Destiny vaults. It’s a 2-of-2 CPI pass-through multisig that adds a kill switch to every trade - a built in risk manager to secure automated trading. Here’s what that means for onchain trading and why it matters👇
- Secure permissionless free systems win over all long time horizonsNews: Return of the CLOB? @ManifestTrade Trade Climbs @solana DEX Rankings ✍️ @solace_fm solanafloor.com/news/return-of…
- Another day on top - yet you were told CLOBs are dead on @solana Facts: 1. Solana is the spot chain. 2. Solana is the CLOB chain. 3. Manifest is the spot CLOB.
